Amendments to the Claims: 



This listing of claims will replace all prior versions, and listings of claims in the 
application. Applicant has submitted a new complete claim set showing marked up 
claims with insertions indicated by underlining and deletions indicated by strikeouts 
and/or double bracketing. 

Listing of Claims: 

1. (Canceled) 

2. (Currently Amended) [[The method of claim 1, further]] A method of inviting
and joining a peer to a secure peer-to-peer group comprising the steps of:

obtaining a public key of a peer;

forming, by a first member of the group, a group membership certificate
containing the peer's public key and signed with [[the]] a group private key of a group
public/private key pair; and

sending the group membership certificate from the first member to the peer to
invite the peer to join the group, the group membership certificate allowing the peer to
join the group through a second member other than the first member.

3. (Currently Amended) The method of claim [[1]] 2, further comprising the
step of generating a group shared key to be used to encrypt group traffic.

4. (Original) The method of claim 2, wherein the step of forming a group
membership certificate comprises the step of forming a group membership certificate
having a structure [Version, ID, Peer ID, Serial Number, Validity, Algorithms, P_ID,
P_Issuer]K_Issuer.

Type of Response: Amendment
Application Number: 09/955,924
Attorney Docket Number: 177765.01
Filing Date: 09/19/2001



5. (Currently Amended) The method of claim 2, further comprising the 
steps of: 

receiving a connect message from the peer containing the group membership 
certificate signed by a private key pair of the peer's public key; 

authenticating the group membership certificate signed by the peer's private key;
and

when the step of authenticating is successful, 

sending an accept message to the peer, and 
sending [[the]] a group shared key to the peer. 



6. (Currently Amended) The method of claim 5, wherein the step of 
authenticating comprises the steps of: 

verifying that [[a]] at least one signature of the group membership certificate is
valid;

verifying that the group membership certificate has not expired;
verifying that [[the]] a hash of the peer's public key matches [[the peer]] an
identification of the peer;

opportunistically verifying ownership of the group membership certificate.

7. (Currently Amended) The method of claim 5, wherein the step of 
authenticating comprises the steps of: 

determining if the group membership certificate is listed in a group certificate
revocation list (GCRL);

determining if any certificates in a chain of group membership certificates is
listed in the GCRL;

when any certificates in the chain is listed in the GCRL, determining if a date of
revocation of the certificate in the chain is before a date of issue of the peer's group
membership certificate; and

when the date of revocation is after the date of [[issuance]] issue, issuing a [[new]]
second group membership certificate to the peer.

8. (Currently Amended) In a secure peer-to-peer group having a predefined
public/private key pair (P_G/K_G), a method of inviting a peer to join the group, comprising
the steps of:

obtaining a public key (P_U1) of a peer by a first member of the peer-to-peer
group;

forming by the first member a first group membership certificate containing the
peer's public key (P_U1) and a second group membership certificate signed with the group
private key (K_G), the first group membership certificate being signed with a private key
of [[an issuer]] the first member (K_U2); and

sending the first and second group membership [[certificate]] certificates from the
first member to the peer to invite the peer to join the group.

9. (Currently Amended) The method of claim 8, wherein the step of forming
[[a group membership certificate]] by the first member comprises the step of forming a
group membership certificate having a structure ((P_U1)K_G)K_U2).

10. (Currently Amended) The method of claim 8, further comprising the
steps of:

receiving, at a second member different from the first member, a connect
message from the peer containing a third group certificate comprising the first group
membership certificate signed by a private key pair of the peer's public key;
authenticating the third group certificate; and
when the step of authenticating is successful,

sending an accept message to the peer from the second member, and
sending a group shared key to the peer from the second member.

11. (Currently Amended) The method of claim 10, wherein the step of
authenticating comprises the steps of:

verifying that a signature of the third group certificate is valid; 
verifying that the third group certificate has not expired; 

verifying that [[the]] a hash of the peer's public key matches a peer identification; 
opportunistically verifying ownership of the third group certificate. 

12. (Currently Amended) The method of claim 10, wherein the step of
authenticating comprises the steps of:

determining if the third group certificate is listed in a group certificate revocation 
list (GCRL); 

determining if either of the first and second group membership certificates is 
listed in the GCRL; 

when either of the first and second group membership certificates is listed in the 
GCRL, determining if a date of revocation is before a date of issuance of the third group 
certificate; and 

when the date of revocation is after the date of issuance, issuing a new group 
certificate to the peer. 

13. (Currently Amended) A method of securely joining a peer-to-peer group
by a peer having a public and a private key, comprising the steps of:

receiving a group invitation from a first member containing an invitation
certificate having a group ID provided therein;

resolving the group ID to find a third member of the group different from the
first member;

sending a connect message to the third member containing the invitation
certificate signed with the private key;

receiving an accept message from the third member containing a group
membership certificate signed by a private key of the third member; and

receiving a group shared key to enable decryption of group traffic.

14. (Currently Amended) The method of claim 13, further comprising the
step of authenticating the group membership certificate signed by the private key of the 
third member to ensure the member's association with the group. 

15. (Currently Amended) The method of claim 14, further comprising the
step of resolving the group ID to find a second member of the group to which to 
connect when the step of authenticating the group membership certificate signed by the 
private key of the third member fails. 

16. (Currently Amended) The method of claim 14, wherein the step of
authenticating comprises the steps of:

verifying that a signature of the group membership certificate is valid;
verifying that the group membership certificate has not expired;

verifying that [[the]] a hash of the third member's public key matches a member
identification;

opportunistically verifying ownership of the group membership certificate. 

17. (Currently Amended) The method of claim 13, wherein the step of
receiving a group invitation from a first member containing an invitation certificate 
having a group ID provided therein comprises the step of receiving a group invitation 
from [[a]] the first member containing an invitation certificate and a group membership 
certificate; and 

wherein the step of resolving the group ID to find a member of the group 
comprises the step of resolving the group ID to find a second member of the group; and 

wherein the step of sending a connect message to the member containing the 
invitation certificate signed with the private key comprises the step of sending a connect 
message to the second member containing the invitation certificate and the group 
membership certificate from the first member. 



18. (Currently Amended) A method of securely admitting a peer to a
peer-to-peer group, comprising the steps of:

receiving at a first member of the peer-to-peer group, a connect message from
the peer containing an invitation certificate generated by a second member of the
peer-to-peer group and signed by a private key of the peer, the first member being different
from the second member;

authenticating the invitation certificate signed by the peer's private key; and 

when the step of authenticating is successful, 

sending an accept message to the peer, and 
sending a group shared key to the peer. 

19. (Currently Amended) The method of claim 18, wherein the step of
authenticating comprises the steps of:

verifying that a signature of the invitation certificate is valid;
verifying that the invitation certificate has not expired;
verifying that a hash of [[the peer's]] a public key of the peer matches a peer
identification of the peer.

20. (Currently Amended) The method of claim 18, wherein the [[step of
receiving a connect message from the peer containing an invitation certificate signed by
a private key of the peer comprises the step of receiving a]] connect message from the
peer [[containing an invitation certificate and]] further contains a group membership
certificate from [[a]] the second member [[of the group that issued the invitation
certificate]].

21. (Currently Amended) The method of claim 20, wherein the step of
authenticating comprises the steps of: 

determining if the group membership certificate is listed in a group certificate 
revocation list (GCRL); 

when the group membership certificate is listed in the GCRL, determining if a 
date of revocation of the group membership certificate is before a date of issuance of 
the invitation certificate; and 

when the date of revocation is after the date of issuance, issuing a new group 
membership certificate to the peer. 

22. (Currently Amended) A computer-readable medium having
computer-executable instructions for performing the steps of claim [[1]] 2.

23. (Original) A computer-readable medium having computer-executable 
instructions for performing the steps of claim 8. 

24. (Original) A computer-readable medium having computer-executable 
instructions for performing the steps of claim 13.

25. (Original) A computer-readable medium having computer-executable 
instructions for performing the steps of claim 18.
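
The admitting member's checks recited in claims 18, 19 and 21, as an added Go example that is not part of the application. Ed25519 and SHA-256 stand in for the algorithms the claims leave unspecified; the Cert fields, the Issue and Admit names, the peer's connect signature taken over the invitation's signature, and a GCRL keyed by the inviter's ID are assumptions made here, and keys are assumed to be well-formed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
	"time"
)

type Cert struct { // simplified certificate; fields and encoding are assumptions
	PeerID          [32]byte // identification: SHA-256 of SubjectPK
	SubjectPK       ed25519.PublicKey
	Issued, Expires time.Time
	Sig             []byte // issuer's signature over body()
}

func (c *Cert) body() []byte { // the bytes the issuer signs
	v := fmt.Sprint(c.Issued.Unix(), c.Expires.Unix())
	return append(append(append([]byte{}, c.PeerID[:]...), c.SubjectPK...), v...)
}

func Issue(issuer ed25519.PrivateKey, subject ed25519.PublicKey, from, to time.Time) *Cert {
	c := &Cert{PeerID: sha256.Sum256(subject), SubjectPK: subject, Issued: from, Expires: to}
	c.Sig = ed25519.Sign(issuer, c.body()) // signed with the issuer's private key
	return c
}

// Admit runs the admitting member's checks; nil means accept and send the shared key.
func Admit(groupPK ed25519.PublicKey, inv, member *Cert, connectSig []byte,
	gcrl map[[32]byte]time.Time, now time.Time) error {
	revoked, verify := gcrl[member.PeerID], ed25519.Verify // zero time: inviter not listed
	switch {
	case !verify(groupPK, member.body(), member.Sig): return fmt.Errorf("membership certificate: bad group signature")
	case !verify(member.SubjectPK, inv.body(), inv.Sig): return fmt.Errorf("invitation: bad inviter signature")
	case now.After(inv.Expires): return fmt.Errorf("invitation expired")
	case inv.PeerID != sha256.Sum256(inv.SubjectPK): return fmt.Errorf("peer ID is not the hash of the public key")
	case !verify(inv.SubjectPK, inv.Sig, connectSig): return fmt.Errorf("connect message not signed by the peer")
	case !revoked.IsZero() && revoked.Before(inv.Issued): return fmt.Errorf("inviter revoked before issuing the invitation")
	}
	return nil
}

func main() { // constructed keys and certificates
	gPK, gSK, _ := ed25519.GenerateKey(nil)
	mPK, mSK, _ := ed25519.GenerateKey(nil)
	pPK, pSK, _ := ed25519.GenerateKey(nil)
	now := time.Now()
	member, inv := Issue(gSK, mPK, now, now.Add(time.Hour)), Issue(mSK, pPK, now, now.Add(time.Hour))
	fmt.Println(Admit(gPK, inv, member, ed25519.Sign(pSK, inv.Sig), nil, now))
}
```

An invitation issued before the inviter's revocation date is still honoured, matching the date comparison in claim 21; only a revocation that predates the invitation causes rejection.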